Validating Form Submittion

Validating Form Submittion

Good morning folks :) I've created a logging tool for a client that logs specific key codes that credit customer accounts for a contest. These codes are unique to each email address which are used to login to the site so that the customer can track their progress in the contest. I have managed to disable entry duplicates. (I found that clicking the REFRESH button on the browser was inserting a record!!!) I used a server side validation to ensure that any additional inserts for duplicates was disabled.

The special codes that are redeemed are randomly generated and are then stored in a table and are associated with a customer record_id. I need to be able to look at this record and make sure that ONLY valid codes that are stored with the customer record are recorded. My code validation process right now will refuse duplicates, but if someone was to make up a bogus code, the application would credit the customer for using that bogus code.

How do I create an additional server side validation to look my codes table and make sure that only codes listed are approved and credited?

Well what's stored and assigned to a specific user is randomly generated. But while testing the application, I noticed while redeeming a code that I could create a bogus code and it would count. Perhaps I've not fully created the most logical tool, but at this point I have to seal up this hole in my process.

I need to both stop duplicates and prevent bogus codes from being used.

To solve the Duplicate issue, you will need to create a record set that filters based on the email address. And then you will need to change the trigger for the insert server behavior only if the total rows of that record set is to 0. You can use the code that is generated from the Show If Server behaviors from DW.

In regard to validating the code. I think the only validation you can do is the length of the code, so you can use Security Assist Randome Number Generator to generate the code with a specific length, and then you can validate the length. another thing you might want to do is make sure that the code is only used once, so you might want to use another table to store already used codes and do a look up based on the user id and the code to make sure the code have not been used before.